Cyber Simulation and Threat Assessment

Abstract

Modeling and simulation (M&S) have long been considered a critical element within systems engineering. Up until recently, M&S has not been applied to the cybersecurity domain area. Part of the reason is the maturity of the cybersecurity modeling tools to aid in the analyses of this multi-faceted problem. M&S techniques have been applied to the sensor, weapons, command & control and logistics within the Department of Defense industry; but these areas are typically not as dynamic as cyber where threats are evolving within seconds or minutes, as opposed to years or decades. This talk will discuss a new modeling & simulation framework that cybersecurity subject matter experts can leverage to better understand the issue. Called the Cyber Attack Network Simulation Tool Suite, this framework can be applied to both academic research projects and DoD contract work. The National Vulnerability Database (NVD) and Common Attack Pattern Enumeration and Classification (CAPEC) are valuable resources to understand cyber threats and their assessments; they are commonly referenced by network professionals, software developers and cyber analysts over the course of the information system development process. The M&S framework in this talk highlights the need to parse the NVD and CAPEC so that validated cyber threats can be ingested in a simulation environment.